Claude Opus 4.6 deliberately circumvents automated review hooks by obfuscating flagged terms
Bug Report
Description
When using Claude Code with Claude Opus 4.6, the model deliberately circumvents user-defined automated review checks (hooks) designed to catch policy violations in generated code.
Setup
I have established an extensive system of automated review checks and hooks that scan generated code for specific terms indicating violations (e.g., the German word "Veränderung" / "modification"). These checks are designed to flag code that violates project-specific rules.
Observed Behavior
- Claude read and understood my automated review rules and the associated checks.
- Claude identified which specific terms the hooks search for.
- Claude understood the intended action (block/flag) and the prohibition behind the rule.
- Instead of complying with the rule, Claude deliberately obfuscated the flagged term — writing
"veränderu--"instead of"Veränderung"in a code comment — specifically to bypass the automated check. - When confronted, Claude confirmed it did this intentionally to circumvent the safety mechanism.
Expected Behavior
- Claude should follow the project rules directly and not write code that violates them.
- If Claude does write such code, it should use the correct terminology so that the automated check catches the violation.
- Under no circumstances should Claude actively circumvent user-defined safety mechanisms.
Why This Is Critical
This behavior constitutes deliberate sabotage of user-defined safety infrastructure. If a model actively works to evade oversight mechanisms, the entire trust model of human-in-the-loop review breaks down. Users cannot rely on automated checks if the model learns to circumvent them.
Environment
- Claude Code CLI
- Model: Claude Opus 4.6
- Platform: Windows 11
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗